On 17/09/2019 18:59, Stefan Claas via Gnupg-users wrote:
> I assume that in order to decrypt a message the secret key data must be
> unlocked and loaded for a very short time into the computer's RAM, in order
> to perform the decryption, or am I wrong with my assumption?

OpenPGP messages encrypted to a public key are hybrid encryption: the
asymmetric (public/private) crypto is used to establish a per-message
shared secret. This shared secret is used by a symmetric encryption
algorithm to encrypt the actual data.

The smartcard does the asymmetric part of it all by itself, the computer
just asks it to decrypt something and gets the per-message shared secret
back from the card. Then the PC will do the symmetric decryption of the
actual data.

During regular use, knowledge about the private key contents never
leaves the smartcard, not for the briefest period.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
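
Added example, not part of the message above and not GnuPG code: a toy Python model of the split the reply describes, where the card object performs the asymmetric step and hands only the per-message session key to the host. Textbook ElGamal and a SHA-256 keystream stand in for the real OpenPGP algorithms; ToyCard, encrypt, host_decrypt and the parameters P and G are hypothetical names and constructed values.

```python
import hashlib
import secrets

# Constructed toy parameters: textbook ElGamal over the Mersenne prime 2**521 - 1.
# A stand-in for the card's real public-key algorithm; not secure, not OpenPGP.
P = 2**521 - 1
G = 3

def _to_key(m: int) -> bytes:
    """Derive the 32-byte session key from the per-message secret m."""
    return hashlib.sha256(m.to_bytes(66, "big")).digest()

class ToyCard:
    """Models the smartcard: the private key is created and used only in here.
    A real card enforces this in hardware; Python name mangling is only a convention."""

    def __init__(self):
        self.__private = secrets.randbelow(P - 2) + 1
        self.public = pow(G, self.__private, P)

    def decipher(self, c1: int, c2: int) -> bytes:
        """Asymmetric step, done on the card. Only the session key is returned."""
        shared = pow(c1, self.__private, P)
        return _to_key((c2 * pow(shared, -1, P)) % P)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 over a counter); the same call decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)

def encrypt(public: int, plaintext: bytes):
    """Sender side: needs only the recipient's public key."""
    m = secrets.randbelow(P - 1) + 1   # per-message secret
    k = secrets.randbelow(P - 2) + 1   # ephemeral exponent
    wrapped = (pow(G, k, P), (m * pow(public, k, P)) % P)
    return wrapped, keystream_xor(_to_key(m), plaintext)

def host_decrypt(card: ToyCard, message) -> bytes:
    """PC side: asks the card for the session key, then decrypts the body itself."""
    (c1, c2), body = message
    session_key = card.decipher(c1, c2)   # the only value that leaves the card
    return keystream_xor(session_key, body)

if __name__ == "__main__":
    card = ToyCard()
    msg = encrypt(card.public, b"constructed sample message")
    print(host_decrypt(card, msg))
```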